Securing your Linux server

How to restrict SSH login and authorize it only for a specific group.
This setup was done on Ubuntu 10.04 Lucid.
First make sure that you have, or create, users other than root.
Adding a new user “adminuser”:
sudo adduser adminuser
Now edit the group file to add this user to the sudoers (the sudo group) and to our new group ssh_access, which will be the only group authorized to log in via SSH:
sudo vim /etc/group
Add or edit these lines to match the configuration below:
sudo:x:27:adminuser
adm:x:4:adminuser
ssh_access:x:1001:adminuser

Now we need to restrict SSH login and authorize it only for the ssh_access group:
sudo vim /etc/ssh/sshd_config
Add or edit these lines to match the configuration below:
PermitRootLogin no
AllowGroups ssh_access
Port 2220

Now reload the ssh service to apply the changes we made:
sudo /etc/init.d/ssh reload
Now log out and try to log in again as root. This shouldn’t work, but if you try with the adminuser account, the login will succeed. Since sshd now listens on port 2220, pass the port with -p:
ssh -p 2220 adminuser@YourHostIP
Once connected as adminuser, if you want to use root privileges, put the sudo command before any command you type and enter adminuser’s password.
If you want to switch to the root user, try this:
sudo su -
Enter adminuser’s password.
Display the effective user name:
whoami
You should get “root” as a result!
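
Before the reload step above, it is worth confirming that the new settings will not lock you out: if ssh_access is missing from /etc/group or has no members, AllowGroups rejects every login. The script below is an added example, not part of the original post; its function names are hypothetical, and it assumes literal group names in AllowGroups, no Match blocks, and membership listed in the fourth field of the group file.

```shell
#!/bin/sh
# Added example (not from the original post): pre-reload lockout check.
# Assumes literal group names in AllowGroups (no wildcards) and no Match blocks.

# First value of keyword $1 in sshd_config $2 (sshd keeps the first value it reads).
sshd_value() {
    awk -v k="$1" 'tolower($1) == tolower(k) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$2"
}

# Members (4th field) of group $1 in group file $2; exit status 1 if the group is absent.
group_members() {
    awk -F: -v g="$1" '$1 == g { found = 1; n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") print m[i] }
        END { exit !found }' "$2"
}

# check_ssh_access SSHD_CONFIG GROUP_FILE
# Returns 0 if safe to reload, 1 on a hardening gap, 2 if nobody could log in.
check_ssh_access() {
    cfg=$1; grp=$2; rc=0; allowed=0
    root=$(sshd_value PermitRootLogin "$cfg")
    if [ "$root" != "no" ]; then
        echo "WARN: PermitRootLogin is '${root:-unset}', expected 'no'"; rc=1
    fi
    allow=$(sshd_value AllowGroups "$cfg")
    if [ -z "$allow" ]; then
        echo "WARN: AllowGroups is not set, logins are not restricted by group"; return 1
    fi
    for g in $allow; do
        if ! members=$(group_members "$g" "$grp"); then
            echo "WARN: group '$g' is not defined in $grp"; rc=1; continue
        fi
        for u in $members; do
            [ "$u" = "root" ] || allowed=$((allowed + 1))   # root is refused anyway
        done
    done
    if [ "$allowed" -eq 0 ]; then
        echo "FAIL: no non-root member in the allowed groups, a reload would lock you out"; rc=2
    fi
    return $rc
}

# Constructed sample files mirroring the configuration in this post.
demo_dir=$(mktemp -d)
printf 'PermitRootLogin no\nAllowGroups ssh_access\nPort 2220\n' > "$demo_dir/sshd_config"
printf 'sudo:x:27:adminuser\nadm:x:4:adminuser\nssh_access:x:1001:adminuser\n' > "$demo_dir/group"
check_ssh_access "$demo_dir/sshd_config" "$demo_dir/group" && echo "OK: safe to reload ssh"
rm -rf "$demo_dir"
```

On a real server, call check_ssh_access with /etc/ssh/sshd_config and /etc/group, and only reload ssh when it returns 0.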

About The Author

Network and system engineer
